This Data Processing Agreement ("DPA") governs the processing of personal data by Cortena B.V. on behalf of its customers, in connection with the Cortena platform and services. It forms part of the Subscription Agreement between Cortena and the Customer and is incorporated by reference into that agreement.

This DPA is published and maintained at help.cortena.ai. The version in effect at the Effective Date of each Subscription Agreement is binding. Cortena will notify customers of any material changes with at least 30 days' prior written notice.

For questions: compliance@cortena.ai — DPO: Sharon Klaver


1. Definitions

"Agreement" means this Data Processing Agreement and all annexes, forming part of the Subscription Agreement between Cortena and the Customer.

"Controller" means the Customer, who determines the purposes and means of processing personal data.

"Processor" means Cortena B.V., who processes personal data on behalf of the Controller.

"Customer Personal Data" means any personal data processed by Cortena on behalf of the Customer pursuant to or in connection with the Subscription Agreement.

"Data Protection Laws" means the General Data Protection Regulation (EU) 2016/679 (GDPR), and any applicable national implementing legislation, as amended or replaced from time to time.

"Personal Data Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Customer Personal Data.

"Sub-processor" means any third party appointed by Cortena to process Customer Personal Data in connection with the provision of the Services.

"Services" means the AI Finance Operations platform and related services provided by Cortena under the Subscription Agreement.

"EEA" means the European Economic Area.


2. Processing of Customer Personal Data

2.1 Documented Instructions

Cortena shall process Customer Personal Data only on documented instructions from the Customer, unless required to do so by applicable law. The Subscription Agreement, together with any written instructions provided by the Customer, constitutes the Customer's documented instructions for the purposes of this DPA.

2.2 Scope and Purpose

Cortena processes Customer Personal Data solely for the purpose of providing and maintaining the Services as described in the Subscription Agreement. Cortena shall not process Customer Personal Data for any other purpose, including but not limited to training or improving AI models, benchmarking, or developing products or features for other customers.